Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

computer can perform almost no tasks. {RESOLVED} [RESOLVED]

iceblood

Posted 07 February 2008 - 11:42 PM

iceblood

Member

Member

10 posts

Hello,

I have been given the task of trying to fix this computer. The owner does not have a windows XP home disk so reinstall is out. When booted normally the PC can barely function. most applications will not run, even opening my computer is impossible. viewing the task manager I see that whatever application I try to run consistantly uses 99% of the system resources, for instance idle process will be 99%, I open IE and for however long I wait Iexplore.exe will use 99% of system resources, IE never opens. I cannot install AVG. The final installtion step of AVG requires a file named something like avg7.sys to start. This step errors because the RPC service is not running. I try manually to start the service but recieve an error that the service does not respond in a timely fasion and never starts. I was unable to install windows defender but I did succeed in networking the PC and scanning the c drive with windows defender with another PC. I thought scanning with AVG would be good however free AVG does not allow scanning of mapped drives. Via housecall I know the names of the viruses, PE_tras.A and Trojan_agent.toz.

Below I will post the scan from panda AV website and hijack this log (I am only able to run hijackthis from safe mode at the moment so Im not sure how usefull it will be). Panda did say it removed some viruses so I will reboot after this post and rescan then post the results.

quick updated.I ran housecall and it does seem like panda removed some housecall had previously been unable to but the big one is still there 'PE_trats.A' along with a downloader 'Troj_vundo.aca' and 'PE_tras.a-o'. Housecall shows that these viruses are associated with the wireless card (zcfgsrvc.exe) ctfmon.exe snf fcccdby.dll (whatever that is). Im fear if I try booting in normal mode again I will only allow the trojans to install all the malware I have removed. I think at this point I will wait patiently for advice.

Edited by iceblood, 12 February 2008 - 02:38 PM.

0

Advertisements

Rorschach112

Posted 11 February 2008 - 10:04 AM

Double click combofix.exe and follow the prompts.When finished, it shall produce a log for you. Post that log and a HiJackthis log in your next replyNote: Do not mouseclick combofix's window while its running. That may cause it to stall

iceblood

Posted 11 February 2008 - 01:52 PM

iceblood

Member

Topic Starter

Member

10 posts

Wow, ComboFix is a beast. It cleaned the system right up. I am running it in normal mode now, and its running well. Just some HP installation popup. I was able to install AVG and am running a scan as we speak, here are the logs of, first combofix then HJT. Thanks for the help and the referral to such software =).

2. Now close all windows other than HiJackThis, including browsers, so that nothing other than HijackThis is open, then click Fix Checked. A box will pop up asking you if you wish to fix the selected items. Please choose YES. Once it has fixed them, please exit/close HijackThis.

1. Close any open browsers.

2. Open notepad and copy/paste the text in the quotebox below into it:

iceblood

Posted 11 February 2008 - 04:39 PM

iceblood

Member

Topic Starter

Member

10 posts

I just ran windows defender and AVG, both came back with a clean bill. comp is running great! Unless you see something else I would say you've done it. Thanks so much man, I thought this would be much harder then it was. =)

Download the latest version of Java Runtime Environment (JRE), and install it to your computer from here

Below I have included a number of recommendations for how to protect your computer against malware infections.

* Keep Windows updated by regularly checking their website at :http://windowsupdate.microsoft.com/This will ensure your computer has always the latest security updates available installed on your computer.

* To reduce re-infection for malware in the future, I strongly recommend installing these free programs:SpywareBlaster protects against bad ActiveXIE-SPYAD puts over 5000 sites in your restricted zone so you'll be protected when you visit innocent-looking sites that aren't actually innocent at all Have a look at this tutorial for IE-Spyad here

In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls) to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable".

Next Click OK, then Apply button and then OK to exit the Internet Properties page.

* MVPS Hosts file replaces your current HOSTS file with one containing well known ad sites and other bad sites. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer, meaning it will be difficult to infect yourself in the future.

* Please consider using an alternate browser. Mozilla's Firefox browser is fantastic; it is much more secure than Internet Explorer, immune to almost all known browser hijackers, and also has the best built-in pop upblocker (as an added benefit!) that I have ever seen. If you are interested, Firefox may be downloaded from Here

* Take a good look at the following suggestions for malware prevention by reading Tony Klein’s article 'How Did I Get Infected In The First Place'Here

Thank you for your patience, and performing all of the procedures requested.

iceblood

Posted 12 February 2008 - 01:21 PM

iceblood

Member

Topic Starter

Member

10 posts

Geat job man, If they had their OEM disk I was just going to format the PC. Im hooking them up with AVG +firewall so that should take care of most of the needs. I usually just use windows defender for spyware do you think I should give them spyware blaster as well? installed the new JRE. Im not sure if I can convince them to use mozilla but I at least installed IE 7, hopefully they will stay away from whatever they got into.

Seriously though, dont thank me. You really resurrected this PC thanks so much for helping out!

Rorschach112

Posted 12 February 2008 - 02:00 PM

Rorschach112

Ralphie

Retired Staff

47,710 posts

Well SpywareBlaster and SpywareGuard are different type of security programs, they don't scan to remove malware, instead they protect you from getting infected in the first place. This is very important, and makes them an essential for any PC user.